<?php
require 'config/dataSource.php';

if (isset($_GET['email'])) {
    $email = mysql_real_escape_string($_GET['email']);
    $email = strip_tags($email);
    if (isset($_POST['resetButton'], $_POST['password'])) {
        
        $password = mysql_real_escape_string($_POST['password']);
        $password = strip_tags($password);
        $passwordVerify = mysql_real_escape_string($_POST['confirmPassword']);
        $passwordVerify = strip_tags($passwordVerify);
        if (strlen($password) == 0) {
            $display = "Password cannot be left blank.";
            
        } else if (strlen($password) < 6 || strlen($password) > 16) {
            $display = "Password size should be between 6..16";
            
        } else if ($password != $passwordVerify) {
            $display = "Password does not match. Please try again.";
            
        } else {
            
            $passwordQuery = mysql_query("SELECT * FROM user");
            if (mysql_num_rows($passwordQuery) > 0) {
                while ($row = mysql_fetch_assoc($passwordQuery)) {
                    if(sha1($row['email'])==$email){
                        $updatePasswordQuery = mysql_query("UPDATE user SET password='".$password."' WHERE id='".$row['id']."'");
                        echo ("<SCRIPT LANGUAGE='JavaScript'>
                            window.alert('Congratulation! Your password for the account ". $row['email']." has been changed.')
                            window.location.href='index.php';
                            </SCRIPT>");
                        break;
                    }
                }
                $display = "Sorry, unauthorized account password change";
            }
            
        }
    }
} else {
    header("Location: index.php");
}
?>
<html>
    <head>
        <meta charset="UTF-8">
        <link rel="stylesheet" href="css/newAccount.css">
        <title>Password Change Page</title>
    </head>
    <body style="background: url(images/background.jpg);">

        <div id="wrapper">

            <div id="head">

                <span>Return to log in page? <a class="newAccount" href="index.php">Go Home!</a></span>

            </div>
            <div id="container">
                <img src="images/spsu.png" style="height: 30%; width: 40%; margin-left: 30%;">
                <div id="discussion">

                    <h3 class="WaggleTopic">Password Reset</h3>

                    <hr/>
                </div>
                <form id="form1" method="post" name ="paswordChangeForm">
                    <table style="border: 0px;" cellspacing="20">
                        </tr>
                        <tr>
                        </tr>
                        <tr>
                        </tr>
                        <tr>
                            <td align="center"><label class="label">New Password</label></td>
                            <td><input id ="pass" name="password" type="password" size="30"></td>
                        </tr>
                        <tr>
                            <td align="center"><label class="label">Confirm New Password</label></td>
                            <td><input id ="pass" name="confirmPassword" type="password" size="30"></td>
                        </tr>
                        <tr>
                        </tr>
                        <tr>
                        </tr>
                        </tr>
                        <tr>
                        </tr>
                        <tr>
                        </tr>
                        <tr>
                            <td colspan="2" align="center"><input id="signIn" type="submit" name="resetButton" value="Change Password"/></td>

                        </tr>       
                        <tr>
                            <td colspan="2" id="error">

                                <?php
                                if (isset($display)) {

                                    echo $display;
                                }
                                ?>


                            </td>
                        </tr>

                    </table>
                </form>
            </div>
    </body>
</html>
